Dumpsinfo is a good website providing the latest exams information and dumps questions for all hot IT certification exams, such as Microsoft, Cisco, Huawei, IBM, VMware, Fortinet, and so on. Features of Dumpsinfo’s products Instant Download Free Update in 3 Months Money back guarantee PDF and Software 24/7 Customer Support Besides, Dumpsinfo also provides unlimited access. You can get all Dumpsinfo files at lowest price. Check Point Certified Security Administrator R81 156-215.81 exam free dumps questions are available below for you to study. Full version: 156-215.81 Exam Dumps Questions 1.Fill in the blank: To create policy for traffic to or from a particular location, use the _____________. A. DLP shared policy B. Geo policy shared policy C. Mobile Access software blade D. HTTPS inspection Answer: B Explanation: Shared Policies The Shared Policies section in the Security Policies shows the policies that are not in a Policy package. They are shared between all Policy packages. Shared policies are installed with the Access Control Policy. Software Blade Description Mobile Access Launch Mobile Access policy in a SmartConsole. Configure how your remote users access internal resources, such as their email accounts, when they are mobile. DLP Launch Data Loss Prevention policy in a SmartConsole. Configure advanced tools to automatically identify data that must not go outside the network, to block the leak, and to educate users. Geo Policy Create a policy for traffic to or from specific geographical or political locations. 2.Which of the following licenses are considered temporary? A. Plug-and-play (Trial) and Evaluation B. Perpetual and Trial C. Evaluation and Subscription D. Subscription and Perpetual Answer: A 3.When you upload a package or license to the appropriate repository in SmartUpdate. where is the package or license stored? A. SmartConsole installed device B. Check Point user center C. Security Management Server D. Security Gateway Answer: C 4.What default layers are included when creating a new policy layer? A. Application Control, URL Filtering and Threat Prevention B. Access Control, Threat Prevention and HTTPS Inspection C. Firewall, Application Control and IPSec VPN D. Firewall, Application Control and IPS Answer: B 5.SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as the following A. Security Policy Management and Log Analysis B. Security Policy Management. Log Analysis. System Health Monitoring. Multi-Domain Security Management. C. Security Policy Management Log Analysis and System Health Monitoring D. Security Policy Management. Threat Prevention rules. System Health Monitoring and Multi-Domain Security Management. Answer: A 6.If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs? A. Log Implied Rule was not set correctly on the track column on the rules base. B. Track log column is set to Log instead of Full Log. C. Track log column is set to none. D. Log Implied Rule was not selected on Global Properties. Answer: D 7.A SAM rule Is implemented to provide what function or benefit? A. Allow security audits. B. Handle traffic as defined in the policy. C. Monitor sequence activity. D. Block suspicious activity. Answer: D Explanation: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_LoggingAndMo nitoring_AdminGuide/Topics-LMG/Monitoring-Suspicious-Activity-Rules.htm 8.Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes? A. All options stop Check Point processes B. backup C. migrate export D. snapshot Answer: D 9.What is the main difference between Threat Extraction and Threat Emulation? A. Threat Emulation never delivers a file and takes more than 3 minutes to complete B. Threat Extraction always delivers a file and takes less than a second to complete C. Threat Emulation never delivers a file that takes less than a second to complete D. Threat Extraction never delivers a file and takes more than 3 minutes to complete Answer: B 10.In which scenario is it a valid option to transfer a license from one hardware device to another? A. From a 4400 Appliance to a 2200 Appliance B. From a 4400 Appliance to an HP Open Server C. From an IBM Open Server to an HP Open Server D. From an IBM Open Server to a 2200 Appliance Answer: A Explanation: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolution details=&solutionid=sk56300 11.You can see the following graphic: What is presented on it? A. Properties of personal .p12 certificate file issued for user John. B. Shared secret properties of John’s password. C. VPN certificate properties of the John’s gateway. D. Expired .p12 certificate properties for user John. Answer: A 12.What is the user ID of a user that have all the privileges of a root user? A. User ID 1 B. User ID 2 C. User ID 0 D. User ID 99 Answer: C 13.Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common? A. All Connections (Clear or Encrypted) B. Accept all encrypted traffic C. Specific VPN Communities D. All Site-to-Site VPN Communities Answer: C 14.True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway A. True, CLI is the prefer method for Licensing B. False, Central License are handled via Security Management Server C. False, Central License are installed via Gaia on Security Gateways D. True, Central License can be installed with CPLIC command on a Security Gateway Answer: D 15.What protocol is specifically used for clustered environments? A. Clustered Protocol B. Synchronized Cluster Protocol C. Control Cluster Protocol D. Cluster Control Protocol Answer: D 16.Which back up method uses the command line to create an image of the OS? A. System backup B. Save Configuration C. Migrate D. snapshot Answer: D 17.When URL Filtering is set, what identifying data gets sent to the Check Point Online Web Service? A. The URL and server certificate are sent to the Check Point Online Web Service B. The full URL, including page data, is sent to the Check Point Online Web Service C. The host part of the URL is sent to the Check Point Online Web Service D. The URL and IP address are sent to the Check Point Online Web Service Answer: C 18.To view the policy installation history for each gateway, which tool would an administrator use? A. Revisions B. Gateway installations C. Installation history D. Gateway history Answer: C 19.The default shell of the Gaia CLI is cli.sh. How do you change from the cli.sh shell to the advanced shell to run Linux commands? A. Execute the command 'enable' in the cli.sh shell B. Execute the 'conf t' command in the cli.sh shell C. Execute the command 'expert' in the cli.sh shell D. Execute the 'exit' command in the cli.sh shell Answer: C 20.Which of the following is NOT an advantage to using multiple LDAP servers? A. You achieve a faster access time by placing LDAP servers containing the database at remote sites B. You achieve compartmentalization by allowing a large number of users to be distributed across several servers C. Information on a user is hidden, yet distributed across several servers. D. You gain High Availability by replicating the same information on several servers Answer: C 21.Which type of Check Point license ties the package license to the IP address of the Security Management Server? A. Central B. Corporate C. Local D. Formal Answer: A Explanation: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolution details=&solutionid=sk62685 22.How many users can have read/write access in Gaia Operating System at one time? A. One B. Three C. Two D. Infinite Answer: A Explanation: if another user has r/w access, you need to use "lock database override" or "unlock database" to claim r/w access. Ref: https://sc1.checkpoint.com/documents/R80.20_GA/WebAdminGuides/EN/CP_R80.20_Gaia_Ad minGuide/html_frameset.htm?topic=documents/R80.20_GA/WebAdminGuides/EN/CP_R80.20_Gaia _AdminGuide/162435 23.Fill in the blank: The position of an implied rule is manipulated in the __________________ window. A. NAT B. Firewall C. Global Properties D. Object Explorer Answer: C Explanation: "Note - In addition, users can access the Implied Rules configurations through Global Properties and use the implied policy view below Configuration." https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolution details=&solutionid=sk115600 24.What is NOT an advantage of Stateful Inspection? A. High Performance B. Good Security C. No Screening above Network layer D. Transparency Answer: A 25.When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed? A. Distributed B. Standalone C. Bridge Mode D. Targeted Answer: A Explanation: References: 26.Which of the following is NOT a valid deployment option for R80? A. All-in-one (stand-alone) B. Log server C. SmartEvent D. Multi-domain management server Answer: D 27.Fill in the blank: SmartConsole, SmartEvent GUI client, and ___________ allow viewing of billions of consolidated logs and shows them as prioritized security events. A. SmartView Web Application B. SmartTracker C. SmartMonitor D. SmartReporter Answer: A Explanation: "The SmartEvent Software Blade is a unified security event management and analysis solution that delivers real-time, graphical threat management information. SmartConsole, SmartView Web Application, and the SmartEvent GUI client consolidate billions of logs and show them as prioritized security events so you can immediately respond to security incidents" https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic =documents/R80/ CP_R80_LoggingAndMonitoring/131915 28.Fill in the blank: Authentication rules are defined for ____________. A. User groups B. Users using UserCheck C. Individual users D. All users in the database Answer: A 29.Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud? A. Firewall B. Application Control C. Anti-spam and Email Security D. Anti-Virus Answer: D Explanation: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_ThreatPreventi on_AdminGuide/Topics-TPG/The_Check_Point_ThreatCloud.htm 30.What is the default shell of Gaia CLI? A. clish B. Monitor C. Read-only D. Bash Answer: A Explanation: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminG uide/Topics-GAG/CLI-Reference-_interface_.htm 31.Which statement is TRUE of anti-spoofing? A. Anti-spoofing is not needed when IPS software blade is enabled B. It is more secure to create anti-spoofing groups manually C. It is BEST Practice to have anti-spoofing groups in sync with the routing table D. With dynamic routing enabled, anti-spoofing groups are updated automatically whenever there is a routing change Answer: C 32.Fill in the blank: An Endpoint identity agent uses a ___________ for user authentication. A. Shared secret B. Token C. Username/password or Kerberos Ticket D. Certificate Answer: C Explanation: Two ways of auth: Username/Password in Captive Portal or Transparent Kerberos Auth through Kerberos Ticket. https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_IdentityAwareness_Admi nGuide/Topics-IDAG/Identity-Sources-Browser-Based-Authentication.htm?tocpath=Introduction to Identity Awareness%7CIdentity Sources%7C_____2#Browser-Based_Authentication 33.Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base. What is the possible explanation for this? A. DNS Rule is using one of the new feature of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important. B. Another administrator is logged into the Management and currently editing the DNS Rule. C. DNS Rule is a placeholder rule for a rule that existed in the past but was deleted. D. This is normal behavior in R80 when there are duplicate rules in the Rule Base. Answer: B 34.What data MUST be supplied to the SmartConsole System Restore window to restore a backup? A. Server, Username, Password, Path, Version B. Username, Password, Path, Version C. Server, Protocol, Username, Password, Destination Path D. Server, Protocol, Username, Password, Path Answer: D 35. Site to site VPN - Connections between hosts in the VPN domains of all Site to Site VPN communities are allowed. These are the only protocols that are allowed: FTP, HTTP, HTTPS and SMTP. 36.When enabling tracking on a rule, what is the default option? A. Accounting Log B. Extended Log C. Log D. Detailed Log Answer: C 37.Where can administrator edit a list of trusted SmartConsole clients? A. cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server. B. In cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, in SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients. C. WebUI client logged to Security Management Server, SmartDashboard: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients, via cpconfig on a Security Gateway. D. Only using SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients. Answer: B 38.Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or__________. A. On all satellite gateway to satellite gateway tunnels B. On specific tunnels for specific gateways C. On specific tunnels in the community D. On specific satellite gateway to central gateway tunnels Answer: C Explanation: Each VPN tunnel in the community may be set to be a Permanent Tunnel. Since Permanent Tunnels are constantly monitored, if the VPN tunnel is down, then a log, alert, or user defined action, can be issued. A VPN tunnel is monitored by periodically sending "tunnel test" packets. As long as responses to the packets are received the VPN tunnel is considered "up." If no response is received within a given time period, the VPN tunnel is considered "down." Permanent Tunnels can only be established between Check Point Security Gateways. The configuration of Permanent Tunnels takes place on the community level and: 39.What is the default shell for the command line interface? A. Clish B. Admin C. Normal D. Expert Answer: A Explanation: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminG uide/Topics-GAG/Gaia-Clish-Commands.htm 40.When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component? A. None, Security Management Server would be installed by itself. B. SmartConsole C. SecureClient D. SmartEvent Answer: D 41.Consider the Global Properties following settings: The selected option “Accept Domain Name over UDP (Queries)” means: A. UDP Queries will be accepted by the traffic allowed only through interfaces with external anti- spoofing topology and this will be done before first explicit rule written by Administrator in a Security Policy. B. All UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy. C. No UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy. D. All UDP Queries will be accepted by the traffic allowed by first explicit rule written by Administrator in a Security Policy. Answer: A 42.DLP and Geo Policy are examples of what type of Policy? A. Inspection Policies B. Shared Policies C. Unified Policies D. Standard Policies Answer: B Explanation: https://sc1.checkpoint.com/documents/R80.30/WebAdminGuides/EN/CP_R80.30_NextGen Security Gateway_Guide/html_frameset.htm?topic=documents/R80.30/WebAdminGuides/EN/CP_R80.30_Ne xtGenSecurityGateway_Guide/137006 43.Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for what components? A. The Security Gateway (SG) and Security Management Server (SMS) software and the CPUSE engine. B. Licensed Check Point products for the Gala operating system and the Gaia operating system itself. C. The CPUSE engine and the Gaia operating system. D. The Gaia operating system only. Answer: B Explanation: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topic s-GAG/CPUSE.htm 44.Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities? A. All Connections (Clear or Encrypted) B. Accept all encrypted traffic C. Specific VPN Communities D. All Site-to-Site VPN Communities Answer: B Explanation: The first rule is the automatic rule for the Accept All Encrypted Traffic feature. The Firewalls for the Security Gateways in the BranchOffices and LondonOffices VPN communities allow all VPN traffic from hosts in clients in these communities. Traffic to the Security Gateways is dropped. This rule is installed on all Security Gateways in these communities. 45.The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to “None”? A. No, it will not work independently. Hit Count will be shown only for rules with Track options set as Log or alert B. Yes, it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway C. No, it will not work independently because hit count requires all rules to be logged D. Yes, it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways Answer: D 46.To enforce the Security Policy correctly, a Security Gateway requires: A. a routing table B. awareness of the network topology C. a Demilitarized Zone D. a Security Policy install Answer: B Explanation: The network topology represents the internal network (both the LAN and the DMZ) protected by the gateway. The gateway must be aware of the layout of the network topology to: 47.Which software blade does NOT accompany the Threat Prevention policy? A. IPS B. Application Control and URL Filtering C. Threat Emulation D. Anti-virus Answer: B 48.A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone? A. The zone is based on the network topology and determined according to where the interface leads to. B. Security Zones are not supported by Check Point firewalls. C. The firewall rule can be configured to include one or more subnets in a zone. D. The local directly connected subnet defined by the subnet IP and subnet mask. Answer: A Explanation: The Interface window opens. The Topology area of the General pane shows the Security Zone to which the interface is already bound. By default, the Security Zone is calculated according to where the interface Leads To. https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManag ement_AdminGuide/Topics-SECMG/Security-Zones.htm 49.R80.10 management server can manage gateways with which versions installed? A. Versions R77 and higher B. Versions R76 and higher C. Versions R75.20 and higher D. Version R75 and higher Answer: B 50.Identity Awareness allows the Security Administrator to configure network access based on which of the following? A. Name of the application, identity of the user, and identity of the machine B. Identity of the machine, username, and certificate C. Network location, identity of a user, and identity of a machine D. Browser-Based Authentication, identity of a user, and network location Answer: C 51.In Unified SmartConsole Gateways and Servers tab you can perform the following functions EXCEPT ________. A. Upgrade the software version B. Open WebUI C. Open SSH D. Open service request with Check Point Technical Support Answer: C 52.What is the RFC number that act as a best practice guide for NAT? A. RFC 1939 B. RFC 1950 C. RFC 1918 D. RFC 793 Answer: C Explanation: https://datatracker.ietf.org/doc/html/rfc1918 53.Which firewall daemon is responsible for the FW CLI commands? A. fwd B. fwm C. cpm D. cpd Answer: A 54.Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enable which path is handling the traffic? A. Slow Path B. Medium Path C. Fast Path D. Accelerated Path Answer: A 55.Which of the following technologies extracts detailed information from packets and stores that information in state tables? A. INSPECT Engine B. Next-Generation Firewall C. Packet Filtering D. Application Layer Firewall Answer: B Explanation: Check Point FireWall-1’s Stateful Inspection overcomes the limitations of the previous two approaches by providing full application-layer awareness without breaking the client/server model. With Stateful Inspection, the packet is intercepted at the network layer, but then the INSPECT Engine takes over. It extracts state-related information required for the security decision from all application layers and maintains this information in dynamic state tables for evaluating subsequent connection attempts. This provides a solution which is highly secure and offers maximum performance, scalability, and extensibility. 56.An administrator can use section titles to more easily navigate between large rule bases. Which of these statements is FALSE? A. Section titles are not sent to the gateway side. B. These sections are simple visual divisions of the Rule Base and do not hinder the order of rule enforcement. C. A Sectional Title can be used to disable multiple rules by disabling only the sectional title. D. Sectional Titles do not need to be created in the SmartConsole. Answer: C Explanation: Section titles are only for visual categorization of rules.